Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,815
Erlang
36
GitHub Actions
32
Go
2,401
Maven
5,000+
npm
4,045
NuGet
723
pip
3,842
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

872 advisories

Loading
A Insertion of Sensitive Information into Log File vulnerability in SUSE Multi Linux Manager... Moderate Unreviewed
CVE-2025-46809 was published Jul 31, 2025
TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2, contain(s) an Insertion of... High Unreviewed
CVE-2025-26332 was published Jul 30, 2025
Dell XtremIO, version(s) 6.4.0-22, contain(s) an Insertion of Sensitive Information into Log File... High Unreviewed
CVE-2025-30105 was published Jul 30, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia... Moderate Unreviewed
CVE-2025-43225 was published Jul 30, 2025
"SwitchBot" App for iOS/Android contains an insertion of sensitive information into log file... Moderate Unreviewed
CVE-2025-53649 was published Jul 29, 2025
A potential security vulnerability has been identified in the Poly Clariti Manager for versions... Moderate Unreviewed
CVE-2025-43485 was published Jul 23, 2025
Okta On-Premises Provisioning (OPP) agents log certain user data during administrator-initiated... Moderate Unreviewed
CVE-2025-7371 was published Jul 22, 2025
Insertion of sensitive information into log file issue exists in "region PAY" App for Android... Low Unreviewed
CVE-2025-52580 was published Jul 22, 2025
RageAgainstThePixel/setup-steamcmd leaked authentication token in job output logs High
GHSA-c5qx-p38x-qf5w was published for RageAgainstThePixel/setup-steamcmd (GitHub Actions) Jul 21, 2025
BrknRobot
buildalon/setup-steamcmd leaked authentication token in job output logs High
GHSA-mj96-mh85-r574 was published for buildalon/setup-steamcmd (GitHub Actions) Jul 21, 2025
BrknRobot
An issue was discovered in Westermo WeOS 5 (5.24 through 5.24.4). A threat actor potentially can... Moderate Unreviewed
CVE-2025-54319 was published Jul 20, 2025
Brocade ASCG before 3.3.0 logs JSON Web Tokens (JWT) in log files. An attacker with access to... High Unreviewed
CVE-2025-6391 was published Jul 18, 2025
An issue was discovered in AdGuard plugin before 1.11.22 for Safari on MacOS. AdGaurd verbosely... Moderate Unreviewed
CVE-2025-51497 was published Jul 17, 2025
Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contains an Insertion of... Moderate Unreviewed
CVE-2025-30483 was published Jul 15, 2025
Directus tokens are not redacted in flow logs, exposing session credentials to all admin Moderate
CVE-2025-53886 was published for directus (npm) Jul 15, 2025
licitdev
Directus is vulnerable to sensitive data exposure as user data is not being redacted when logged Moderate
CVE-2025-53885 was published for directus (npm) Jul 15, 2025
Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit... Moderate Unreviewed
CVE-2025-6392 was published Jul 11, 2025
Dell PowerFlex Manager VM, versions prior to 4.6.2.1, contains an Insertion of Sensitive... Moderate Unreviewed
CVE-2025-36599 was published Jul 9, 2025
Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2... Moderate Unreviewed
CVE-2025-5464 was published Jul 8, 2025
Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2... Moderate Unreviewed
CVE-2025-5463 was published Jul 8, 2025
An issue has been identified in MongoDB Server where unredacted queries may inadvertently appear... Moderate Unreviewed
CVE-2025-6711 was published Jul 7, 2025
A vulnerability was found in Red Hat OpenShift Jenkins. The bearer token is not obfuscated in the... Moderate Unreviewed
CVE-2024-9453 was published Jul 4, 2025
System environment variables are recorded in Docker Desktop diagnostic logs, when using shell... Moderate Unreviewed
CVE-2025-6587 was published Jul 3, 2025
mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data Moderate
GHSA-fv92-fjc5-jj9h was published for github.com/go-viper/mapstructure/v2 (Go) Jun 27, 2025
cipherboy
OpenBao Inserts Sensitive Information into Log File when processing malformed data Moderate
CVE-2025-52893 was published for github.com/openbao/openbao/sdk/v2 (Go) Jun 26, 2025
cipherboy
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database